Re: Cannot connect as Internal....?

From: Howard J. Rogers <howardjr2000_at_yahoo.com.au>
Date: Tue, 9 Sep 2003 06:49:17 +1000
Message-ID: <3f5cebbe$0$28121$afc38c87_at_news.optusnet.com.au>

"Hari Om" <hari_om_at_hotmail.com> wrote in message news:d1d5ebe4.0309081135.2f4d4106_at_posting.google.com...
> Cannot connect as Internal
>
> Hello,
>
> I am using IBM AIX 5.1L box for Oracle 9.2.0.1.
>
> I cannot connect as internal to my DB INstance - wonder why? Here is
> what is do:
> -------------------------------------------------------------------
> $export ORACLE_SID=GATES
> $./sqlplus /nolog
> SQL*Plus: Release 9.2.0.1.0 - Production on Mon Sep 8 13:28:42 2003
> Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
> SQL> conn internal/oracle
> ERROR:
> ORA-09275: CONNECT INTERNAL is not a valid DBA connection
> SQL>
> -------------------------------------------------------------------
>
> Can anyone tell what is wrong here....? Also, BTW why do we need to
> connect as Internal and what is the use of Internal which cannot be
> done by other accounts like SYS or SYSTEM or SCOTT etc....?
>
> Any related information on this is appreciated.
>
> THANKS!
Well, as others have told you, Internal is not a valid way of connecting to a 9i database anymore. It was actually deprecated back in 8.0, but it was finally abolished in 9i, so now there's no choice.

Internal was never a username, by the way (find an 8.0 database, and see if its listed in dba_users.... it won't be). It's merely a keyword that means "I wish to log on as a privileged user". And a privileged user, unlike ordinary users such as SYSTEM or SCOTT, is able to perform basically 5 special actions: startup, shutdown, backup, recover and create database.

SYSTEM, for example, is a very powerful account. It has been granted the entire set of system privileges, for example, which means there is practically nothing it can't do. But if you log on as SYSTEM and try saying 'shutdown abort', you'll get the error message 'insufficient privileges'. So it's powerful, but it's not privileged.

SYS, on the other hand, *is* a privileged user. Indeed, if you ever get your hands on an 8.0 or 8i database and do a 'connect internal', follow it up with a 'show user' command: you'll discover you were logged on as SYS in any case. As it happens, SYS is the *only* privileged user in the entire database. Even if I grant you, the user "Hari", the SYSDBA privilege (which is what makes someone a privileged user), when you log on and claim the right to use that privilege, a 'show user' would reveal that you've actually been logged on as SYS.

Therefore, these days, in 9i, to achieve the same degree of control over the system as you used to have with 'connect internal', you simply connect as SYS with the SYSDBA privilege. And as you've seen in other replies, the syntax for that is:

connect sys/some_password AS SYSDBA

Or, if you've got Operating System authentication working (and since you're on AIX, that means your Unix username being a member of the dba group... so check /etc/groups):

connect / AS SYSDBA

The key words are "AS SYSDBA", meaning "I wish to claim the use of the SYSDBA privilege"... which happens to include the ability to startup, shutdown, backup, recover and create databases... in other words, the very same set of privileged actions which the use of the old "INTERNAL" keyword gave you.

Regards
HJR Received on Mon Sep 08 2003 - 22:49:17 CEST

This message: [ Message body ]
Next message: Yan Pujante: "Integrity constraints with type inheritance"
Previous message: Daniel Roy: "Re: Insert Order into a table"
In reply to Hari Om: "Cannot connect as Internal....?"
Next in thread: Bricklen: "Re: Cannot connect as Internal....?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message